Users, Teams, and Identities with Item Lifecycle-Based Access Control

Gnosis Views, Lifecycle Transitions, Workflow, and APIs are access-controlled by Identity and Lifecycle: a User’s Permissions to access Data and run Processes depend on the User’s Identity Memberships and the Item’s current Lifecycle State.

Gnosis Identities are Users and Teams. Teams can have both Users and other Teams as Members, forming nested Memberships.

For instance, an Employees Team may include the Sales, Marketing, and Development Teams as Members. So, the Members of all those Teams are also Employees.

Permissions for Employees can be restrictive, while the Sales and Development Teams can be granted additional Permissions specific to their Members.

Plus, regardless of your Front-end Tool of choice, your Application’s Users, Teams, and Permissions remain the same on the Back-end.

This allows you to build your MVP and experiment with the various No-code/Low-code or Full-code Front-end Tools without reimplementing the User Account Management.


A User Account is required to connect and interact with Gnosis. User Accounts can be created with a User Email and Password or with External Authentication Providers including Google, Facebook, and LinkedIn.

Users API

Identities API

Auth API


Users are assigned a Role that governs the User’s Capabilities within Gnosis.

Administrator Role

The purpose of the Administrator Role is to allow users to configure and manage the Gnosis Site and installed Applications.

  • Manage Users and Teams
  • Build/Install & Import/Export Solutions
  • Manage Resources
  • Manage Background Tasks
  • View Security and Error Logs

Developer Role

The purpose of the Developer Role is to create Applications.

  • Manage Users and Teams
  • Manage Solutions
  • Build & Install Solutions
  • Manage Resources
  • Manage Background Tasks
  • View Error Logs

User Role

An End-User has no capabilities other than what is permitted by Identity Membership and Permissions.


A Team is a named collection of Users and other Teams, which allows hierarchical, nested Teams.

Teams API


Both Users and Teams are types of Identities, so Permissions can be as granular as the individual User.

Identities API


Permission to Create, Update, Delete and Promote Items is based on Identities.

The ability to View Items is based on Identities and, optionally, the Item’s Lifecycle States. So, depending on the State the Item is currently in, different Identities may have very different Views of the Item, or no View of it at all.

For instance, a Page Item in Draft State may only be visible and updateable by the Creator. Once the Page Item is Promoted to In Review, Managers can View and update the Item, but the Creator cannot.

Permissions API
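
The model described above, sketched as an added Python example (not Gnosis code or its API): nested Team Membership is expanded transitively, then checked against grants keyed by the Item's current Lifecycle State. The names MEMBERS, POLICY, expand, allowed, the "@creator" placeholder, the Managers Team's place under Employees and the sample users are assumptions made for illustration.

```python
# Added illustration of identity + lifecycle-state access checks.
# All names and data here are hypothetical and constructed; none are Gnosis APIs.

# Team -> direct Members (Users or other Teams).
MEMBERS = {
    "Employees": {"Sales", "Marketing", "Development", "Managers"},
    "Sales": {"alice"},
    "Marketing": set(),
    "Development": {"bob"},
    "Managers": {"carol"},
}

# (Item type, Lifecycle State) -> action -> Identities granted that action.
# "@creator" is a placeholder resolved against the Item at check time.
POLICY = {
    ("Page", "Draft"): {"view": {"@creator"}, "update": {"@creator"}},
    ("Page", "In Review"): {"view": {"Managers"}, "update": {"Managers"}},
}


def expand(user):
    """Return every Identity the user holds: the user plus all enclosing Teams."""
    held, frontier = {user}, [user]
    while frontier:
        current = frontier.pop()
        for team, members in MEMBERS.items():
            # The 'held' check also stops a cyclic Membership from looping forever.
            if current in members and team not in held:
                held.add(team)
                frontier.append(team)
    return held


def allowed(user, action, item):
    """Deny by default; allow only if a grant for the Item's current State matches."""
    grants = POLICY.get((item["type"], item["state"]), {}).get(action, set())
    if "@creator" in grants and item["creator"] == user:
        return True
    # The placeholder itself is never matched as an Identity name.
    return bool(expand(user) & (grants - {"@creator"}))
```

Because the lookup is keyed on the Item's current State, promoting an Item changes who can see it without any change to Memberships, and a State with no entry in the policy denies everyone.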